Bump the all group across 1 directory with 5 updates

[dependabot[bot]]

Bumps the all group with 5 updates in the / directory:

Package	From	To
github.com/cert-manager/cert-manager	1.15.0	1.15.1
github.com/spf13/cobra	1.8.0	1.8.1
google.golang.org/grpc	1.64.0	1.65.0
istio.io/api	1.22.1	1.22.2
k8s.io/klog/v2	2.120.1	2.130.1

Updates github.com/cert-manager/cert-manager from 1.15.0 to 1.15.1

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.15.1

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

🔗 See v1.15.0 for more information about cert-manager 1.15 and read-before-upgrade info.

📜 Changes since v1.15.0

Bug or Regression

• BUGFIX: fix issue that caused Vault issuer to not retry signing when an error was encountered. (#7111, @​inteon)

Other (Cleanup or Flake)

• Update github.com/Azure/azure-sdk-for-go/sdk/azidentity to address CVE-2024-35255 (#7092, @​ThatsMrTalbot)
• Bump the go-retryablehttp dependency to fix CVE-2024-6104 (#7130, @​SgtCoDFish)

Commits

• 5b04ec6 Merge pull request #7130 from SgtCoDFish/release-1.15-bump-http-lib
• 7936ff0 [release-1.15] Bump go-retryablehttp to address CVE-2024-6104
• 3da4f98 Merge pull request #7111 from inteon/release-1.15_vault_bugfix
• db2a8f5 add testcase
• c680694 only retry when encountering a Vault non-InvalidData error
• c91273a BUGFIX: retry signing when encountering transient error
• d95c635 Merge pull request #7092 from ThatsMrTalbot/chore/update-azidentity-1.6.0
• 48bf30a chore: updating github.com/Azure/azure-sdk-for-go/sdk/azidentity to address C...
• 9b53314 Merge pull request #7091 from cert-manager-bot/cherry-pick-7090-to-release-1.15
• 7ec86d2 feat: normalize azure errors
• See full diff in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

• Add env variable to suppress completion descriptions on create by @​scop in spf13/cobra#1938

🐛 Bug fixes

• Micro-optimizations by @​scop in spf13/cobra#1957

🔧 Maintenance

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 by @​dependabot in spf13/cobra#2127
• Consistent annotation names by @​nirs in spf13/cobra#2140
• Remove fully inactivated linters by @​nirs in spf13/cobra#2148
• Address golangci-lint deprecation warnings, enable some more linters by @​scop in spf13/cobra#2152

🧪 Testing & CI/CD

• Add test for func in cobra.go by @​korovindenis in spf13/cobra#2094
• ci: test golang 1.22 by @​cyrilico in spf13/cobra#2113
• Optimized and added more linting by @​scop in spf13/cobra#2099
• build(deps): bump actions/setup-go from 4 to 5 by @​dependabot in spf13/cobra#2087
• build(deps): bump actions/labeler from 4 to 5 by @​dependabot in spf13/cobra#2086
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @​dependabot in spf13/cobra#2108
• build(deps): bump actions/cache from 3 to 4 by @​dependabot in spf13/cobra#2102

✏️ Documentation

• Fixes and docs for usage as plugin by @​nirs in spf13/cobra#2070
• flags: clarify documentation that LocalFlags related function do not modify the state by @​niamster in spf13/cobra#2064
• chore: remove repetitive words by @​racerole in spf13/cobra#2122
• Add LXC to the list of projects using Cobra @​VaradBelwalkar in spf13/cobra#2071
• Update projects_using_cobra.md by @​marcuskohlberg in spf13/cobra#2089
• [chore]: update projects using cobra by @​cmwylie19 in spf13/cobra#2093
• Add Taikun CLI to list of projects by @​Smidra in spf13/cobra#2098
• Add Incus to the list of projects using Cobra by @​montag451 in spf13/cobra#2118

... (truncated)

Commits

• e94f6d0 Address golangci-lint deprecation warnings, enable some more linters (#2152)
• 8003b74 Remove fully inactivated linters (#2148)
• 5c2c1d6 Consistent annotation names (#2140)
• 5a1acea build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 (#2127)
• 0fc86c2 docs: update user guide (#2128)
• 6b5f577 More linting (#2099)
• bd914e5 fix: remove deprecated io/ioutils package (#2120)
• 1f80fa2 chore: remove repetitive words (#2122)
• c69ae4c ci: test golang 1.22 (#2113)
• a30cee5 build(deps): bump actions/cache from 3 to 4 (#2102)
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.64.0 to 1.65.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.65.0

Dependencies

• Change support policy to cover only the latest TWO releases of Go, matching the policy for Go itself. See #7249 for more information. (#7250)
• Update x/net/http2 to address CVE-2023-45288 (#7282)

Behavior Changes

• credentials/tls: clients and servers will now reject connections that don't support ALPN when environment variable GRPC_ENFORCE_ALPN_ENABLED is set to "true" (case insensitive). (#7184)
  • NOTE: this behavior will become the default in a future release.
• metadata: remove String method from MD to make printing more consistent (#7373)

New Features

• grpc: add WithMaxCallAttempts to configure gRPC's retry behavior per-channel. (#7229)
  • Special Thanks: @​imoore76

Bug Fixes

• ringhash: properly apply endpoint weights instead of ignoring them (#7156)
• xds: fix a bug that could cause xds-enabled servers to stop accepting new connections after handshaking errors (#7128)
  • Special Thanks: @​bozaro

Commits

• 2da9769 Change version to 1.65.0 (#7306)
• ede96b7 metadata: remove String method (#7373)
• 64be203 grpc: Readd pick first name (#7336) (#7341)
• 25e33a6 examples: Add CSM Observability example (#7302) (#7318)
• 04a5f46 xds/internal/xdsclient: Emit unknown for CSM Labels if not present in CDS (#7...
• cff5c3e stats/opentelemetry: Add e2e testing for CSM Observability (#7279) (#7316)
• 9b970fd dns: fix constant 30s backoff for re-resolution (#7262) (#7311)
• 6d23620 documentation: on server, use FromIncomingContext for retrieving context and...
• 7e5898e xds: unify xDS client creation APIs meant for testing (#7268)
• 5d7bd7a interop/xds: Interop client and server changes for CSM Observability (#7280)
• Additional commits viewable in compare view

Updates istio.io/api from 1.22.1 to 1.22.2

Commits

• 8214ad1 [release-1.22] remove WIP annotations (#3242)
• adedc27 Automator: update common-files@release-1.22 in istio/api@release-1.22 (#3238)
• See full diff in compare view

Updates k8s.io/klog/v2 from 2.120.1 to 2.130.1

Release notes

Sourced from k8s.io/klog/v2's releases.

Prepare klog release for Kubernetes v1.31 (Take 2)

What's Changed

• data race: avoid unprotected access to sb.file by @​pohly in kubernetes/klog#408

Full Changelog: https://github.com/kubernetes/klog/compare/v2.130.0...v2.130.1

Prepare klog release for Kubernetes v1.31 (Take 1)

What's Changed

• chore(*): fix spelling of Intel Corporation by @​jsoref in kubernetes/klog#399
• build: fix some linter warnings by @​pohly in kubernetes/klog#402
• examples: fix linter warning by @​pohly in kubernetes/klog#406
• Do not acquire lock for file.Sync() fsync call by @​1978629634 in kubernetes/klog#404
• ktesting: tone down warning about leaked test goroutine by @​pohly in kubernetes/klog#401

New Contributors

• @​jsoref made their first contribution in kubernetes/klog#399
• @​1978629634 made their first contribution in kubernetes/klog#404

Full Changelog: https://github.com/kubernetes/klog/compare/v2.120.1...v2.130.0

Commits

• 75663bb Merge pull request #408 from pohly/klog-flush-sync-fix
• 2327d4c data race: avoid unprotected access to sb.file
• 16c7d26 Merge pull request #401 from pohly/ktesting-warning-delay
• cd24012 ktesting: tone down warning about leaked test goroutine
• 2ee202a Merge pull request #404 from 1978629634/fsync-freelock
• 79575d8 Do not acquire lock for file.Sync() fsync call
• 7af45d6 Merge pull request #406 from pohly/linter
• d008cfe examples: fix linter warning
• ab53041 Merge pull request #402 from pohly/linter-issues
• ff7c070 build: fix some linter warnings
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[cert-manager-prow[bot]]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a cert-manager member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

[SgtCoDFish]

/ok-to-test

[SgtCoDFish]

/test pull-cert-manager-istio-csr-k8s-v1-26-istio-v1-18

[SgtCoDFish]

/test pull-cert-manager-istio-csr-k8s-v1-26-istio-v1-19

[SgtCoDFish]

/test pull-cert-manager-istio-csr-k8s-v1-26-istio-v1-19

[cert-manager-prow[bot]]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: SgtCoDFish

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/cert-manager/istio-csr/blob/main/OWNERS)~~ [SgtCoDFish] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment